To run a membership we hold some information about you — your name, how to reach you, your membership record. As a members' society accountable to the people whose data we hold, we take this seriously and keep it simple: we hold what running your membership requires, share it only where membership genuinely needs us to, and keep it no longer than necessary. This notice is written to be read, not to be endured. Last reviewed June 2026.
The data controller is the Canal Heritage Society S.A.E., 21 Sharia al-Geish, Suez 43511, Suez Governorate, Egypt, VAT (ETA) 638-417-520. Data questions go to [email protected], where Dina and the member-care team handle them.
To set up and run your membership we hold your name, contact details (email, and a postal address if you want a printed card), your membership tier and dates, and — for a family membership — the names of the household members covered. When you contact us we hold the message and your reply details. For a gift membership we hold the giver's and the recipient's details. That is the whole of it; we collect nothing we do not need to run a membership.
The basis is the membership agreement between you and the society — we cannot issue a card, admit you, or invite you to events without knowing who you are and how to reach you. For general enquiries the basis is your consent and our legitimate interest in answering. We never process member data for advertising, because we run none.
This matters most to members, so we are explicit. Your membership card carries your name and a membership reference. When you use it at a network museum, the museum confirms that the card belongs to a valid current member — that is all. We do not pass the museums a profile of you, and the museums do not report your individual visits back to us beyond what is needed to confirm valid entry. Your card identifies you as a member at the door; it is not a tracking device on your cultural life.
When you book a member event we hold your booking so we know to expect you and can tell you of any change. Where an event has limited places or particular requirements, we hold only what that event needs. We do not build a record of your interests from your event history for any purpose beyond running the events you chose to attend.
We hold your membership record while you are a member and for two years after a membership lapses, so we can handle renewals and any query, then we delete it. Enquiry messages with no membership attached are deleted after a year. We keep what Egyptian law requires us to keep for accounts, and no more. These are deliberately short periods.
Inside the society, only the staff who need your data to run your membership can see it. Outside, the only parties who touch it are our payment processor (for your subscription), our print and post supplier (for a printed card or the journal), and the network museums (only to verify your card at the door). None may use your data for their own purposes. We never sell, rent or share member data for anyone else's marketing.
The site runs no advertising network, no identifying analytics, no social-media trackers, and sets no non-essential cookies — which is why there is no cookie banner. It is a set of static pages; the only data it transmits is what you enter into a form and choose to send.
Because members elect the committee that governs the society, the committee oversees how member data is handled — but committee members see only aggregate information, never individual members' personal details, unless a member specifically asks the committee to deal with their case. Your data is run by the staff, overseen in principle by the committee, and never circulated among members.
For a family membership, the named adult who joins provides the household details and is responsible for them; we use them only to issue cards and run the membership. For a gift membership, we use the giver's details to take payment and the recipient's to set up their membership, and we do not use the recipient's details for anything beyond their own membership.
You can ask what we hold about you, ask us to correct it, ask us to delete it (except what we must keep for accounts), and withdraw consent for enquiry correspondence. Write to the member-care team and we will respond within thirty days, free of charge. Because we hold little, most such requests are quick to satisfy.
We protect member data with access controls and encryption in transit, and by holding little of value to an attacker — no card numbers stored by us, no sensitive categories, no profiling database. The membership card is designed so it cannot be cloned into many valid entries from one record.
Your subscription is taken through a regulated payment processor. Your full card number is entered into the processor's secure system, not ours, and we never see or store it — we receive only confirmation that the payment succeeded and a reference, which is all we need to activate your membership. This is the most important point to understand about our handling of your money: the sensitive payment data simply does not live on the society's systems.
Email from us is about your membership: your welcome and card, your renewal invitation, the quarterly journal if you opt to receive it by email, event information, and replies to messages you send. We do not run a separate marketing list and we do not pass your address to anyone for theirs. If you would prefer not to receive the journal or event notices by email, tell us and we will stop, while still sending the essentials your membership requires.
As a members' society rather than a data business, we have deliberately kept what we hold to the minimum a membership needs. We build no profile of your interests, track no pattern in your visits, and keep no dormant database for some future use. Information we never collected cannot be lost, leaked or misused, so our restraint is itself a protection for you — and it is simply how we would want a society we belonged to to treat our own details. This is a standing commitment, not a current convenience.
To be concrete about the periods mentioned above: your membership record is kept while you are a member and for two years after a membership lapses, so we can handle renewals and any query, then it is deleted. Enquiry messages with no membership attached are deleted after one year. Event-booking details are kept only as long as needed to run the event and reconcile attendance. We keep what Egyptian accounting law requires of business records and no more. If you ask us to delete data we are not legally obliged to retain, we do so promptly. These periods are deliberately short by the standards of organisations that hoard data, and that is a choice, not an accident.
It is worth restating plainly: this website is a set of static pages. It does not run accounts, it does not track you between pages, and it transmits nothing about you except the contents of a form you choose to complete and submit. There is no analytics building a picture of your behaviour, no advertising network watching, and no cookie that follows you. The membership itself is administered separately by our staff; the website is simply where you read about the society and reach us.
If we change how we handle data we will update this page and its date. If you are unhappy with how your data has been handled, please raise it with the member-care team first so we can put it right; you also keep the right to complain to the data-protection authority in your country. Reach us through the contact page.